Php intermediate mysql statement implementation code
Source: Internet
Author: User
If you want to insert a string with single or double quotation marks in the format of "Hello" to the database, you can use a backslash to escape the string. But what if there is too much content? You cannot manually escape each of these special characters. What's more, you usually process the content automatically submitted by the form.
Therefore, use the mysql_real_escape_string function:
Mysql_real_escape_string-special characters in the character strings used in the escape SQL statement, taking into account the connected current character set.
But note: This function does not escape % and _. In addition, it is best not to use this function for the entire SQL statement, but to only escape the string parameters passed into the SQL statement, otherwise unexpected results will occur.
Script example:
Copy codeThe code is as follows:
$ Item = "Zak's and Derick's Laptop ";
$ Escaped_item = mysql_real_escape_string ($ item );
Printf ("Escaped string: % s \ n", $ escaped_item );
?>
The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion;
products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the
content of the page makes you feel confusing, please write us an email, we will handle the problem
within 5 days after receiving your email.
If you find any instances of plagiarism from the community, please send an email to:
info-contact@alibabacloud.com
and provide relevant evidence. A staff member will contact you within 5 working days.
A Free Trial That Lets You Build Big!
Start building with 50+ products and up to 12 months usage for Elastic Compute Service
